﻿using System;
using System.Data;
using System.Data.SqlClient;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.ServiceModel;
using System.Web.Security;

namespace HRMService
{   
    [ServiceContract(Namespace = "http://HRMService")]
    public interface IMainService
    {        
        /// <summary>
        ///     Trongvm thêm ngày 5/9/2008.
        /// </summary>
        /// <param name="query"></param>
        /// <returns></returns>
        [OperationContract]
        DataSet Query(string query);

        [OperationContract]
        bool ExecuteQuery(string query);

        [OperationContract]
        DataSet Employee_GetListForExcel(int branchID, int departmentID);
        
    }

    public partial class MainService : IMainService
    {
        ///      Trongvm thêm ngày 5/9/2008. 
        /// </summary>
        /// <param name="sqlQuery"></param>
        /// <returns></returns>
        public DataSet Query(string sqlQuery)
        {
            DataSet retVal = null;
            SqlConnection dbConn = new SqlConnection(Properties.Settings.Default.ConnectionString);
            SqlCommand dbCmd = new SqlCommand(sqlQuery, dbConn);
            dbCmd.CommandType = CommandType.Text;

            try
            {
                retVal = new DataSet();
                SqlDataAdapter da = new SqlDataAdapter(dbCmd);
                da.Fill(retVal);
            }
            finally
            {
                dbConn.Close();
            }
            return retVal;
        }
        public bool ExecuteQuery(string sqlQuery)
        {
            bool retVal = false;
            SqlConnection dbConn = new SqlConnection(Properties.Settings.Default.ConnectionString);
            SqlCommand dbCmd = new SqlCommand(sqlQuery, dbConn);
            dbCmd.CommandType = CommandType.Text;
            try
            {
                dbConn.Open();
                if (dbCmd.ExecuteNonQuery() > 0)
                {
                    retVal = true;
                }
            }
            finally
            {
                dbConn.Close();
            }
            return retVal;
        }
        public DataSet Employee_GetListForExcel(int branchID, int departmentID)
        {
            DataSet retVal = null;
            SqlConnection dbConn = new SqlConnection(Properties.Settings.Default.ConnectionString);
            SqlCommand dbCmd = new SqlCommand("HRM_Employee_GetListForExcel", dbConn);
            dbCmd.CommandType = CommandType.StoredProcedure;
            dbCmd.Parameters.AddWithValue("@Branch_ID", branchID);
            dbCmd.Parameters.AddWithValue("@Department_ID", departmentID);
            try
            {
                retVal = new DataSet();
                SqlDataAdapter da = new SqlDataAdapter(dbCmd);
                da.Fill(retVal);
            }
            finally
            {
                dbConn.Close();
            }
            return retVal;
        }
    }

    public class CustomUserNameValidator : UserNamePasswordValidator
    {
        public override void Validate(string username, string password)
        {           
            if (null == username || null == password)
            {
                throw new ArgumentNullException();
            }
            Membership.GetUser(username);
            string P = FormsAuthentication.HashPasswordForStoringInConfigFile(Membership.GetUser(username).GetPassword(), "SHA1");
            if (P != password)
            {
                throw new SecurityTokenException("Unknown Username or Password");
            }

        }
    }

}
